Financial impact of incidents on cyber-physical structures could generate losses of more than $ 50 billion worldwide
Responsibility for cyber-physical security incidents will no longer be a purely corporate issue and become a personal issue for 75% of CEOs by 2024. This is one of the highlights of the most recent research released by Gartner, Inc., a world leader in research and advice for companies.
According to the survey, this will happen due to the nature and importance of cyber-physical systems (CPSs - Cyber-Physical Systems in English). According to Gartner, CPS are systems and resources designed to orchestrate the relationship and analysis of all digital interaction with the physical world (including humans), allowing the control, detection and scaling of potential events, as well as monitoring the consequences of this relationship. .
In other words, these solutions support all efforts to connect the IT environment with operational structures and Internet of Things (IoT) devices, in which security considerations span the cyber and physical worlds, such as critical and asset-intensive infrastructure and clinical health environments. As a consequence, all possible incidents related to cyber-physical infrastructure can cause a series of serious impacts, including physical damage to people, property or even causing environmental disasters.
In this scenario, Gartner analysts estimate that the number of incidents will increase rapidly in the coming years, due to the lack of focus on security and the lack of investments aligned with these assets.
"Regulatory bodies and governments will respond promptly to an increase in serious incidents caused by breaches of protection of CPSs, dramatically increasing the rules and regulations that govern them," says Katell Thielemann, Vice President of Research at Gartner. “In the United States, for example, the FBI, the NSA and the Infrastructure and Cyber Security Agency (CISA) have already expanded the frequency and details regarding threats to systems related to critical infrastructure, with the majority is owned by the private sector. Soon, CEOs will not be able to claim no knowledge or hide behind their insurance policies. ”
Gartner predicts that the financial impact of the PHC attacks resulting in fatal losses will reach about $ 50 billion by 2023. Even without considering the current value of human life in the equation, the costs to organizations in terms of compensation, litigation, insurance, regulatory fines and loss of reputation will be significant.
"Technology leaders need to help CEOs understand the risks that CPSs pose and the need to devote the organization's focus and budget to protecting them," says the Gartner analyst. "The more connected CPSs there are, the more likely an incident is to occur."
With Operational Technology, smart buildings and cities, connected cars and autonomous vehicles, incidents in the digital world will have a much greater effect in the physical world, since there are now risks, threats and vulnerabilities in a two-way cyberphysical spectrum. However, many companies are not aware of the CPSs already deployed in their organizations, either by legacy systems connected to corporate networks by teams outside of IT or as a result of new investments in automation and modernization aimed at business.
“A focus on Operational Resilience Management (ORM) in addition to information-centric cyber security is extremely necessary,” says Thielemann.
EN 
PT 
